Secret Server Feature: AES 256 Encryption

Secure privileged accounts
with strong encryption

What’s the challenge?

Too often shared passwords are stored in clear text in custom databases, spreadsheets, or shared documents. These are easy targets for attackers to overcome and not sufficient for many compliance requirements.

Why it’s important

Privileged accounts represent some of your most sensitive data. Make sure they are properly protected using advanced encryption standards.

How this feature solves it

AES 256 bit encryption is the strongest encryption available for password management software, which when combined with our other security features like an HSM or DoubleLock, provides unsurpassed security for sensitive enterprise passwords.

In addition to at rest encryption of Secret data, Secret Server can also be used with SQL Server Transparent Data Encryption (TDE) for further data protection. SSL/TLS can be enforced on all connections to ensure end-to-end encryption.

TRY IT FREE FOR 30 DAYS. It’s fast to install and easy to use!
Start your free trial of Secret Server using the trial form.

Additional Information

Encryption Key Per Installation
Secret Server generates a unique encryption key during installation. This key is encrypted and kept in the encryption.config file or managed by an HSM. The combination of this file and your Secret Server database allows you to reconstitute your system at any point. So back up your encryption.config file and your database! In fact, you may as well back up your Secret Server application folder and the database for easy moving or restoring of the application.

Login Password Protection
Secret Server hashes and salts local user passwords using a randomly generated salt and the PBKDF2-HMAC-SHA256 hashing algorithm. Active Directory logins authenticate directly against the domain and their passwords are not stored in the Secret Server database.

Tighten user authentication security even further with these built in options: